XML Advanced Electronic Signatures (XAdES)
W3C Note 20 February 2003
This version:
Latest version:
Authors:
Juan Carlos Cruellas, UPC <cruellas@ac.upc.es>
Gregor Karlinger, IAIK <gregor.kerlinger@iaik.at>
Denis Pinkas, Bull <Denis.Pinkas@bull.net>
John Ross, Security and Standards <ross@secstan.com>
Editors:
Juan Carlos Cruellas, UPC <cruellas@ac.upc.es>
Gregor Karlinger, IAIK <gregor.kerlinger@iaik.at>
Krishna Sankar, Cisco <ksankar@cisco.com>
Contributor:
Krishna Sankar, Cisco <ksankar@cisco.com>
Copyright © 2003 ETSI, All Rights Reserved.
Abstract
This note (XAdES) extends the IETF/W3C XML-Signature Syntax and Processing
specification [XMLDSIG] into the domain of
non-repudiation by defining XML formats for advanced electronic signatures
that remain valid over long periods and are compliant with the European
"Directive 1999/93/EC of the European Parliament and of the Council of 13
December 1999 on a Community framework for electronic signatures" [EU-DIR-ESIG] (also denoted as "the Directive" or the
"European Directive" in the rest of the present document) and incorporate
additional useful information in common use cases. This includes evidence as
to its validity even if the signer or verifying party later attempts to deny
(repudiate) the validity of the signature.
An advanced electronic signature aligned with the present document can, in
consequence, be used for arbitration in case of a dispute between the signer
and verifier, which may occur at some later time, even years later.
This note adds six additional forms to [XMLDSIG]:
XML Advanced Electronic Signature (XAdES): Provides basic authentication and integrity protection and satisfies the legal requirements for advanced electronic signatures as defined in the European Directive [EU-DIR-ESIG], but does not provide non-repudiation of its existence. This form adds the following elements to [XMLDSIG]:
  QualifyingProperties
    SignedProperties
      SignedSignatureProperties
        SigningTime
        SigningCertificate
        SignaturePolicyIdentifier
        SignatureProductionPlace?
        SignerRole?
      SignedDataObjectProperties
        DataObjectFormat*
        CommitmentTypeIndication*
        AllDataObjectsTimeStamp*
        IndividualDataObjectsTimeStamp*
    UnsignedProperties
      UnsignedSignatureProperties
        CounterSignature*
XML Advanced Electronic Signature with Time-Stamp (XAdES-T): Includes a time-stamp to provide protection against repudiation. This form adds the following element to the XAdES form within the indicated element:
  Within the UnsignedSignatureProperties element:
    SignatureTimeStamp+
XML Advanced Electronic Signature with complete validation data (XAdES-C): Includes references to the set of data supporting the validation of the electronic signature (i.e. the references to the certification path and its associated revocation status information). This form is useful for those situations where such information is archived by an external source, like a trusted service provider. This form adds the following elements to the XAdES-T form within the indicated element:
  Within the UnsignedSignatureProperties element:
    CompleteCertificateRefs
    CompleteRevocationRefs
XML Advanced Electronic Signature with eXtended validation data (XAdES-X): Includes a time-stamp on the references to the validation data, or on the ds:Signature element and the aforementioned validation data. This time-stamp counters the risk that any keys used in the certificate chain or in the revocation status information may be compromised. This form has two alternative implementations. The first one adds the following element to XAdES-C:
  Within the UnsignedSignatureProperties element:
    RefsOnlyTimeStamp*
The second one adds the following element to XAdES-C:
  Within the UnsignedSignatureProperties element:
    SigAndRefsTimeStamp*
XML Advanced Electronic Signature with eXtended validation data incorporated for the long term (XAdES-X-L): Includes the validation data for those situations where the validation data are not stored elsewhere for the long term. This form adds the following elements to XAdES-X:
  Within the UnsignedSignatureProperties element:
    CertificatesValues
    RevocationValues
XML Advanced Electronic Signature with archiving validation data (XAdES-A): Includes additional time-stamps for archiving signatures in a way that they are protected if the cryptographic data become weak. This form adds the following elements to XAdES-X-L:
  Within the UnsignedSignatureProperties element:
    ArchiveTimestamp+
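The six forms above stack on one another, so a verifier can work out which form a signature structurally reaches by checking the listed elements in order. The following is an added example, not part of the W3C Note: it matches elements by local name only, uses the element names exactly as spelled on this page, and runs on a constructed sample with a placeholder namespace (`urn:example:xades`) and empty elements.

```python
import xml.etree.ElementTree as ET

# Element names as this page lists them; each form builds on the one before.
BASE = ["SigningTime", "SigningCertificate", "SignaturePolicyIdentifier"]
LADDER = [  # (form, groups): every group needs at least one member present
    ("XAdES-T", [["SignatureTimeStamp"]]),
    ("XAdES-C", [["CompleteCertificateRefs"], ["CompleteRevocationRefs"]]),
    ("XAdES-X", [["RefsOnlyTimeStamp", "SigAndRefsTimeStamp"]]),
    ("XAdES-X-L", [["CertificatesValues"], ["RevocationValues"]]),
    ("XAdES-A", [["ArchiveTimestamp"]]),
]

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop ElementTree's '{namespace}' prefix

def children(parent, name):
    return [c for c in parent if local(c.tag) == name] if parent is not None else []

def descend(node, *path):
    """Follow local names downwards; None as soon as a step is missing."""
    for name in path:
        node = next(iter(children(node, name)), None)
    return node

def classify(xml_text):
    """Return (highest form structurally present, what blocks the next form)."""
    root = ET.fromstring(xml_text)
    qp = next((e for e in root.iter() if local(e.tag) == "QualifyingProperties"), None)
    ssp = descend(qp, "SignedProperties", "SignedSignatureProperties")
    missing = [n for n in BASE if not children(ssp, n)]
    if missing:
        return None, missing  # not even the base XAdES form
    usp = descend(qp, "UnsignedProperties", "UnsignedSignatureProperties")
    form = "XAdES"
    for name, groups in LADDER:
        unmet = ["|".join(g) for g in groups if not any(children(usp, n) for n in g)]
        if unmet:
            return form, unmet  # first incomplete rung stops the climb
        form = name
    return form, []

# Constructed sample: placeholder namespace, empty elements, no real signature.
def sample(unsigned):
    tags = lambda names: "".join(f"<x:{n}/>" for n in names)
    return ('<x:QualifyingProperties xmlns:x="urn:example:xades"><x:SignedProperties>'
            f"<x:SignedSignatureProperties>{tags(BASE)}</x:SignedSignatureProperties>"
            "</x:SignedProperties><x:UnsignedProperties><x:UnsignedSignatureProperties>"
            f"{tags(unsigned)}</x:UnsignedSignatureProperties></x:UnsignedProperties>"
            "</x:QualifyingProperties>")
```

This is a structural check only: the unsigned properties are not covered by the signer's signature, so every time-stamp, reference and value found this way still has to be validated before the form is relied on.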
This note also articulates the following roles and their responsibilities
with respect to signature validity:
Signer: the entity that creates the electronic signature. When the signer digitally signs over data object(s) using the prescribed format, this represents a commitment on behalf of the signing entity to the data object(s) being signed.
Verifier: the entity that verifies the electronic signature. It may be a single entity or multiple entities.
Trusted Service Providers: one or more entities that help to build trust relationships between the signer and verifier. The TSPs include Certification Authorities, Registration Authorities, Repository Authorities (e.g. a directory), Time-Stamping Authorities, Signature Policy Issuers and Attribute Authorities.
Arbitrator: an entity that arbitrates in disputes between a signer and a verifier.